Posts Tagged ‘network’

Parsing network stream into http request/response

The need was to convert the network stream into clear text http request/responses while doing some decoding of the response body. For instance:

request uri + queryString => response body

  1. Capture the stream – easy using tcpdump
  2. Filter the http stream – easy using wireshark with a tcp.port eq 80 filter
  3. Export http #1. using wireshark file -> export objects -> http. This works fine only for files. It does not work for POST requests. FAIL.
  4. Using tshark and a combination of -Tfields and -e parameters. Did not worked easily enough even if I suspect it would. FAIL.
  5. Using tcpflow:  tcpflow -r test.pcapng -ehttp. This generates some nice flows but it had some disadvantages: requests and responses are in different files and are flow sorted not time sorted. I think this can be overcome by writting a script which parses: report.xml using something like this. FAIL.
  6. Final idea was based on pcap2har which parses a .pcap file to a har. Some changes to main.py and voila:
logging.info('Flows=%d. HTTP pairs=%d' % (len(session.flows), len(session.entries)))
 
for e in sorted(session.entries, key=lambda x: x.ts_start):
    if e.request.msg.method == 'GET':
        print 'GET', e.request.url
    elif e.request.msg.method == 'POST':
        print 'POST', e.request.url, urlencode({k: v[0] for k, v in e.request.query.items()})
    if e.response.mimeType == 'application/octet-stream':
        print decode(e.response.text, options.password)
    else:
        print 'unknown:', e.response.mimeType, e.response.raw_body_length
    print '\n'
 
#write the HAR file

 

Replicated EhCache, the uneasy road

At first replicating EhCache seems a very easy task, just need to configure ehcache.xml with RMI and you are ready. Is it so?

(more…)

Apache mod_jk configuration

I don’t know why, even if there is a lot of documentation on the subject the mod_jk installation still seems a bit of mystic elements. This is why I decided to write a very short mod_jk configuration guide oriented for debian, ubuntu linux systems.

First, mod_jk is an apache module which allows a more customized communication to an apache tomcat server using the AJP 1.3 protocol. This usually happens using the TCP port 8009 so yes, there must be a connection from the apache server to the tomcat one. The alternative for mod_jk is mod_proxy which can be used for simple cases.

Most systems should have a mod_jk package by now:

apt-get install libapache2-mod-jk
a2enmod jk

This should install and enable mod_jk so now it’s time to configure it. There are 3 parts. First the jk-workers.properties file which can be created in /etc/apache2

# workers.properties -

# The list of Tomcat workers
worker.list=ajp13

# Defining a worker named ajp13 and of type ajp13
# Note that the name and the type do not have to match.
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker.
worker.ajp13.lbfactor=1

#
# Specify the size of the open connection cache.
worker.ajp13.cachesize=10

This file contains the workers which can be referenced by name later. Note that this is the point where the tomcat server is configured.

Second this file and other configurations have to be tied to mod_jk. This means usually editing the /etc/apache2/modules-enables/jk.load file:

LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so
JkWorkersFile   /etc/apache2/jk-workers.properties
JkLogFile       /var/log/apache2/mod_jk.log
JkLogLevel      info
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories -ForwardLocalAddress
JkRequestLogFormat "%w %V %T"
JkMount /xContext/* ajp13

This file first specifies the jk-workers file and then configures the mod_jk logging mechanism. It also adds some options which I use frequently. Of course you can read the full documentation but this is a document for the quick install.

The actual connection to a tomcat context is done by the JkMount directive. You can either put it here to have a global association in your server or just add it to your virtual server configuration which is the 3’rd place where you might need to edit something. Just add a JkMount directive to make your tomcat context accessible from apache. One great thing about mod_jk is that you can do that even from a ssl context and thus adding ssl to your application without any tomcat configuration whatsoever.

Old/new I8000 #2

Wireless support

Ok, now there is an Ubuntu system installed on the old Dell Inspiron 8000. Only one thing remains: some kind of wireless support. So, to this end, I have bought an Edimax wireless usb stick: EW-7318Ug.

(more…)

Old/new I8000 #1

I have 2 old Dell Inspiron 8000 laptops which even if they are around 6 years old still have some nice features:

  • 1600×1200 screen resolution
  • very good quality sound card compared to the one of my new D820 (maestro3 versus intel_hda)

Both of them are running linux since a very long time but I wanted to install a fresh/clean new version on one of them in order to be used as a music, internet station at home since I am afraid that backpack carrying the D820 each day on a bicycle will finally prove fatal to it. This describes some of the steps I took. (more…)

dhcp and djbdns

DHCP

Installing a dhcp server was quite simple.

# apt-get install dhcp3-server

Then I just had to modify the /etc/dhcp/dhcpd.conf the configuration file did not changed almost at all from the previous versions so I could just copy it with very small modifications. The only interesting thing in this file is how to make a server boot from the network:

host X {  
#next-server X.X.X.1;  
#filename "/tftpboot/pxelinux.0";  
hardware ethernet XX:XX:XX:XX:XX:XX;  
fixed-address X.X.X.28;
} (more…)

Qmail

Qmail based on qmailrocks install

One of the things I missed most and disappointed me is the grave lack of a qmail package for Gutsy. I’m using Qmail since more than 5 years and I was always happy. This describes the installation based on the qmailrocks debian guide. All credits should go to the qmailrocks team. This only points some of the differences and problems I encountered on ubuntu. It’s mainly a list of commands as found on the qmailrocks site with some observations. (more…)

Disabling avahi-daemon

One of the things I quickly found to be bothering me is the fact that there was an apparently long and unexplicable delay for all new network connections which resembled to a dns resolving. No reason for lengthy dns resolving though. So I did a strace: (more…)